How digital IDs can boost privacy and security

I’ve written 2 articles on this topic already. It’s good to see other voices out there saying it’s possible to do digital ID without compromising on privacy. But we need more awareness of this. If not, there won’t be the public pressure needed to make sure the systems are actually built in a privacy-preserving way.

Is There a World Where Digital IDs Work?: On the limits of trust, technology, and a frictionless state. Digital Banner from Big Brother Watch on Digital ID In my previous essay, I argued that the debate surrounding Britain’s proposed Digital ID card should be examined through the same lens that all policy and technology should be: through trade-offs. Every system, no matter how elegant or efficient, has trade-offs embedded within it. In the case of Digital ID, some of the main ones lie between convenience and control, inclusion and exclusion, and security and autonomy. The central question I left hanging was whether such a system could ever pass what I called the worst enemy test: would you still trust it if it were run by the people you distrust the most? My instinct is that the answer is no. Convenience, fraud reduction, and efficiency cannot outweigh the risks of structural dependence, centralisation, and surveillance. But instinct is not an argument. The honest challenge is to ask whether a Digital ID could ever be built in a way that withstands those risks — or at the very least, minimises them so that the trade-offs become more palatable. A system that protects citizens not only from bad actors but from good intentions that drift over time. Why Trade-offs Matter More Than Intentions: On Britain’s Digital ID Card That’s what this essay is about. I want to set aside the reflex to oppose and instead ask: Is there a world where Digital ID works? Could it be implemented responsibly, transparently, and securely enough to deliver its promised benefits without becoming another instrument of state surveillance? To answer that, we’ll need to start with what it’s supposed to fix, how the UK plans to build it, and whether the technology and the politics can ever catch up to the ambition. Estonia and Iceland — Case Studies Worth Testing Photo by Filippo Cesarini on Unsplash If the argument so far has been that the trade-offs of Digital ID are too great, it’s only fair to ask whether that conclusion holds up under scrutiny. My instinct might be sceptical, but instincts need to be tested against evidence. Some countries already live with Digital ID systems, and some of them function remarkably well. Estonia is a notable example, one I touched on in my previous essay. It’s also the one every technocrat points to as proof that it can be done. The system has been in place for more than two decades and is held by 99% of the population. Every citizen has an electronic ID card that stores cryptographic keys, allowing them to sign contracts, pay taxes, vote, and access healthcare online. On the surface, it’s a triumph of efficiency. Bureaucracy collapses from weeks to minutes, and the average citizen can see exactly who has accessed their data. Transparency, convenience, and civic participation are built into the design. One of the main reasons Estonia’s system works is because… #genai #shared #ai

The internet was never designed with an identity layer (well because maybe no one thought about the consequences back then). That single design flaw (now that we look retrospectively) explains why we’ve relied on fragile workarounds ever since. Credit cards were built for payments. Emails were built for communication. Phone numbers were built for calls. None of them were meant to prove who you are online. And because of that, our personal details sit in massive databases. Each one is a honeypot. Breach one system and millions of identities are stolen overnight. How is technology solving a problem it created in the first place? Decentralized identifiers offer the answer, and they’re already starting to reshape the identity landscape. Instead of relying on numbers someone else issued, you control a private key. The public key represents you. Think of it like a digital passport locked in your own vault. You decide when and how to use it. No company stores a copy. This is already being operationalized slowly. Few banks are experimenting with cryptographic IDs for customer onboarding. Governments are piloting verifiable credentials for public services. Even the W3C now has standards for decentralized identifiers. Also, the regulators are stepping in. US is debating on the Improving Digital Identity Act, and the UK Parliament is exploring digital ID frameworks. The internet's missing identity layer is slowly within reach. Note: Views are my own and not reflective of any organization I’m associated with.

A FEW THOUGHTS ON THE DIGITAL ID DEBATE: First, obviously this debate is not about the exact data points associated with the first rollout of a digital ID, but about the potential of a government-controlled digital ID infrastructure to incorporate an ever-expanding range of data-points about citizens. As I see it, if your answer to either of the following questions is "No," then it doesn't make sense for you to welcome a government-controlled digital ID, which is aimed at integrating government services within a single database: (1) Do you trust that governments will effectively defend a database that integrates your sensitive data, including taxes, financial information, contact information, health status, vaccination status, purchases, etc. etc. against data leaks, hacks, etc? (2) Do you trust that governments will refrain from exploiting an extensive range of real-time data about your behaviour and choices (your vaccination schedule, your purchase history, your health history, your access to public services, etc.), combined with a digital ID that effectively acts as a gatekeeper to services, to influence, "nudge" and/or coerce you into complying with its policies?

A couple of weeks back, I was at Trust Services and eID Forum - CA Day 2025, where "moving target" became the phrase of the week, and for good reason. Now that slides are available, I thought that it's good to share a few thoughts. The European digital identity ecosystem is evolving at breakneck speed, with eIDAS 2.0, NIS2, DORA, and CRA creating overlapping compliance frameworks. Paloma Llaneza's presentation on cross-regulatory navigation hit home: TSPs face conflicting incident reporting timelines (24h vs 4h vs "without undue delay") and multi-framework audits that can cost €2.6M over five years. Survey reality check: 62% of industry players cite certification uncertainty as the top business risk. Only 6% feel ready for Post-Quantum Cryptography. Timeline pressures are real. Consumer divergence: Politecnico di Milano's 5-country study shows BigTech wallets reach 47-69% adoption, but EUDI Wallet interest varies wildly. Italy's 31% "wallet ready" vs UK's 9%. Innovation sparks: Google's StrongBox proposal for Android-based local QSCD, Adobe's C2PA content credentials expanding to identity trust, and ETSI's unified Lists of Trusted Entities framework. And many more, but also it was clear that such events are not only about knowledge sharing, but also about meeting friends from the industry. I frequently say that eID is a very niche topic, but it's one of the foundational blocks of cyberspace.

Thought Leadership I’m pleased to share that Cindy Van Niekerk, our CEO, has been quoted in a recent article on the UK’s new digital ID scheme. Cindy highlights the importance of designing these systems to protect individuals rather than expose them. Read the full article below. Key takeaways from Cindy’s perspective: Cryptographic credentials can authenticate identity without exposing sensitive data, giving individuals control rather than centralising risk. Today, UK citizen data is fragmented across many insecure databases, which increases vulnerability. A future-ready digital ID scheme must be decentralised, privacy-first, and quantum-resistant by design. Outdated practices such as emailing passport scans to service providers remain insecure and should be replaced by safer, modern methods. The future of identity isn’t about collecting more data — it’s about creating smarter, more secure ways to use it. As governments roll out digital ID programmes, the focus must be on data minimisation, user control, and security by design. At Umazi, we’re proud to be contributing to this conversation and shaping practical solutions for a safer, more trusted digital identity ecosystem. Umazi, Yahoo, Department for Business and Trade, Cindy van Niekerk Yahoo! Finance https://lnkd.in/dt4zwRzh

The Hidden Side of 5G — Lawful Intercept (LI) In 5G, we all talk about blazing speed, low latency, or slicing — but there’s one part of the system that never gets attention. It doesn’t increase speed. It doesn’t improve QoS. Yet it silently protects the nation and ensures every communication stays within the boundary of law. That system is — Lawful Intercept (LI). Let’s take a simple example. Imagine a user — Ram — who just connected to the 5G network. His phone initiates a PDU Session — basically, a tunnel that allows his data to flow from his device to the internet. Behind the scenes: AMF handles his registration and mobility. SMF creates the PDU session, assigns an IP, and selects the UPF (User Plane Function) through which his packets will travel. And once that’s done, his data starts flowing seamlessly through the network. All normal so far, right? Now imagine — the Law Enforcement Agency (LEA) sends a request to monitor a specific user for national security reasons. They don’t directly touch the network — the request first lands at the ADMF (Administration Function). Think of ADMF as the “front desk” of Lawful Intercept. The LICF (Lawful Intercept Control Function) comes into play.it checks if the request is legally valid and authenticated then decides what exactly needs to be intercepted — signaling, data, or both — and passes the request to the LIPF (Provisioning Function). Now comes the smart part — The LIPF doesn’t know where the user currently is or which SMF/UPF is serving them. So it asks the NRF (Service Instance Registration Function) — “Hey, which SMF and UPF are currently serving this subscriber’s PDU session?” The NRF responds with the network topology, and LIPF provisions those NFs (Network Functions) for interception. From this point, the network starts generating two main types of data: IRI (Intercept Related Information) → control plane data — like session creation, modification, release, DNN, IP allocation, etc. CC (Content of Communication) → actual user data — the packets flowing through the UPF. These are not sent directly to the law enforcement — they first pass through secure middle layers: IRI → MDF2 (Mediation & Delivery Function) CC → MDF3 These MDFs ensure that only authorized and standardized data reaches the LEMF (Law Enforcement Monitoring Facility) — the final destination where investigation teams analyze it. All this happens in real time, without disturbing Ram’s browsing, without any impact on performance, and following strict global standards — 3GPP TS 33.126, 33.127, and 33.128. That’s the silent power of Lawful Intercept — not seen, not heard, but always working. #5GCore #TelecomEngineering #LawfulIntercept #NetworkSecurity #PDU #3GPP #TelecomArchitecture #CoreNetwork #NetworkDesign #FutureOfTelecom #TelecomInnovation

We were so lucky to have a World-leading Computer Scientist come along to present at our International Conference on PQC and AI. PQConnect: Automated post-quantum end-to-end tunnels - Daniel J Bernstein PQConnect is a new post-quantum end-to-end tunnelling protocol that automatically protects all packets between clients that have installed PQConnect and servers that have installed and configured PQConnect. Like VPNs, PQConnect does not require any changes to higher-level protocols and application software. PQConnect adds cryptographic protection to unencrypted applications, works in concert with existing pre-quantum applications to add post-quantum protection, and adds a second application-independent layer of defence to any applications that have begun to incorporate application-specific post-quantum protection. Unlike VPNs, PQConnect automatically creates end-to-end tunnels to any number of servers using automatic peer discovery, with no need for the client administrator to configure per-server information. Each server carries out a client-independent configuration step to publish an announcement that the server’s name accepts PQConnect connections. Any PQConnect client connecting to that name efficiently finds this announcement, automatically establishes a post-quantum point-to-point IP tunnel to the server, and routes traffic for that name through that tunnel. The foundation of security in PQConnect is the server’s long-term public key used to encrypt and authenticate all PQConnect packets. PQConnect makes a conservative choice of post-quantum KEM for this public key. PQConnect also uses a smaller post-quantum KEM for forward secrecy, and elliptic curves to ensure pre-quantum security even in the case of security failures in KEM design or KEM software. Security of the handshake component of PQConnect has been symbolically proven using Tamarin. This is joint work with Tanja Lange, Jonathan Levin, and Bo-Yin Yang. https://lnkd.in/e82Yun9v

The Evolution of Authentication 🔒 Part II 👣 The Identity Delegation Era (2010s) A new idea was born. Why should every app manage its own lock and key? Instead, let trusted giants like Google, Microsoft, or Facebook vouch for you. With OAuth 2.0, OpenID Connect, and SAML, authentication became about delegation. You could now “log in with Google,” just like getting into multiple clubs with the same VIP wristband. 👣 Beyond Passwords (2015–Present) Passwords proved weak, they were reused, guessed, phished. So the industry moved toward MFA (codes, apps, hardware keys) and even passwordless solutions (biometrics, WebAuthn). The world began shifting to Zero Trust: no matter who you are or where you’re coming from, you’re always verified. It’s like living in a high-security airport lounge where your identity is checked at every checkpoint. This story is ongoing... authentication is no longer just about logging in, it’s about proving who you are, continuously and seamlessly, in a world where trust is never assumed. And as technology advances, so do the methods of breaching it. For us developers, this means one thing: staying updated and implementing authentication the right way is no longer optional, it’s essential. A single lapse in securing an application can lead to massive losses, both for businesses and their users. That’s why, in the coming weeks, I’ll be sharing a series on common mistakes developers make when implementing authentication and how to avoid exposing apps to untrusted parties. Stay tuned, let’s learn (and secure) together. 🚀